Guess Again (and Again and Again): Measuring Password Strength by Simulating Password-Cracking Algorithms.
Patrick Gage KelleySaranga KomanduriMichelle L. MazurekRichard ShayTimothy VidasLujo BauerNicolas ChristinLorrie Faith CranorJulio LópezPublished in: IEEE Symposium on Security and Privacy (2012)